A company is creating an application that will keep records. The application will run on Amazon EC2 instances and will use an Amazon Aurora MySQL database as its data store. To maintain compliance, the application must not retain information that is determined to be sensitive.
Which technique should a SysOps administrator use to detect if sensitive data is being stored in the application?

A. Export data from the database by using an flaws Lambda function. Store the data in Amazon S3. Use Amazon Macie to examine the stored data. Examine the report for any sensitive data that is discovered. B. Install the Amazon GuardDuty plugin for Aurora. Configure GuardDuty to examine the database. Add the corresponding EC2 CIDR ranges to the trusted IP list in GuardDuty. Examine the report for any sensitive data that is discovered. C. Deploy Amazon Inspector by installing the Amazon Inspector agent on all EC2 instances. Set the Amazon Inspector assessment type to HOST assessment. IncludefineTWORK communications with the Aurora DB cluster. Examine the report for any sensitive data that is discovered. D. Use VPC Flow Logs to examine traffic between the EC2 instances and the Aurora DB cluster. Store the log files in Amazon S3. Use Amazon Detective to examine the extracted log files. Examine the report for any sensitive data that is discovered. Correct Answer: A This question is in SOA-C01 AWS Certified SysOps Administrator – Associate Exam For getting AWS Certified SysOps Administrator – Associate Certificate

Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.